Texas votes on its own CISPA-like cyber bill

The biggest thing to come out of Texas may turn out to be a blow to Internet freedoms: legislators there are considering a bill that would compromise privacy on the Web for all residents of the Lone Star State.

Lawmakers in the State Senate are expected to vote Monday on a
bill that, if passed, would compel Internet Service Providers
(ISPs) anywhere in the world to fork over private Web records if
that information could aid in a criminal investigation.

Federal legislation already in place would likely trump any
attempts from Texas prosecutors to pry personal ISP records or
other online communications from the likes of social networking
sites, but the efforts on behalf of Lone Star lawmakers to get the
ball rolling on a new cyber-spy bill are indeed very real. Last
week, its companion bill in the State House of Representatives
passed unanimously, and similar outcome in the Senate is all now
expected any moment. Now should SB 1052 proves victorious in the
Senate, an Internet surveillance bill written in Texas but with
international implications could be added to the law books later
this year.

Ben Sherman of the Burnt Orange Report cautioned in a blog post
last week that the bill could be very dangerous to all Americans if
passed because it would let local authorities seize electronic
records held on servers outside of Texas.

“The bill requires any Internet provider to people in Texas
(that is - just about the entire Internet) to respond to search
warrants for online communications in 4-30 days. That is an
extremely narrow window which makes it difficult for Internet
providers to keep users' other information private,” he
wrote.

Following the failed attempts to pass cybersecurity bills on a
national level, as seen most recently in the stalled Cyber
Intelligence Sharing and Protection Act (CISPA), a number of state
and local governments have considered bills that would bring the
tools asked for in aborted federal acts into the hands of
prosecutors in Texas.

Whereas CISPA sought to find a way to ease the sharing of
potentially dangerous information between third-party businesses
and the federal government, the efforts coming out of Texas would
ensure that ISPs and any other businesses that operate over the Web
would have to relinquish user data if a police officer argues there
is probable cause it is pursuant to an investigation.

“Internet communications companies often hold information and
data vital to prosecute an offense under state law, particularly
relating to Internet crimes. Although the certain electronic
communications may take place within a state, law enforcement
officers must apply for a local search warrant in an Internet
company's jurisdiction, often found out of state,” wrote the
bill’s author, Sen. John Carona (R-Dallas). “This
limitation hampers law enforcement’s efforts to obtain evidence on
Internet criminals, who are able to remove or change identifying
data much faster than law enforcement can obtain warrants.”

Sherman, however, thinks the law could be used broadly to bring
any sort of online evidence under the magnifying glass of
prosecutors, causing a widespread fishing exhibition that will
allow law enforcement to essentially request any sort of electronic
communication of any business that operates online.

“The electronic communications at risk include all online
communication - emails, Facebook messages, tweets and messages on
private list servers,” wrote Sherman. “Additionally, the bar
is set extremely low for police officers to prove that they may
find something important in a person's online
communications.”

Indeed, SB 1052 only asks that probable cause “must be
supported by the oath or affirmation of the authorized peace
officer.”

“That is almost not a standard at all,” insisted Sherman.
“With a bar so low and a reach so broad, such legislation will
lead to widespread abuse and exposure of private information, and
enable politically motivated ‘investigations.’ This is government
overreach and Texans of all political ideologies should oppose it.
If this bill becomes law, any investigation that can be brought
into the Texas jurisdiction would have all the tools of CISPA, in
which any private online activity can be easily seized by the
government, at its disposal. That is terrible news not only for
Texans but for all Americans.”

“The bill,” acknowledged Sen. Carona, “reciprocates
the electronic data search warrant process with other states
already implementing similar statutes, which would allow Texas to
serve data search warrants directly to out of state companies as
well.”

Later in the text, the bill is described as extending “the
jurisdiction of district judges by granting them privileges to
issue data search warrants beyond the physical boundaries of the
state for computer data searches only.”

The House version of the bill — nearly identical to Sen.
Carona’s version — passed on May 7 with no opposition. Rep. John
Frullo (R-Lubbock) co-authored that bill and told lawmakers in the
capital that passing the bill would be instrumental in stopping
predators who stalk children online.

"Under current law," Frullo said, "Texas judges'
ability to order a search ends at the state line. In our
technology-driven society, this limitation hampers law
enforcement's efforts to go after the evidence needed to prosecute
those who commit these horrible crimes and exploit our
children."

“Predators are hurting, exploiting and assaulting our
children through the use of the internet. That needs to stop,”
he said in a press release earlier this year. After this week’s
vote, his colleagues in the Senate will decide if they are willing
to join his side — and at what cost to privacy.